Re: urgnet need for complete C# code for Password encryption/decryption
From: Dejan Sarka (dejan_please_reply_to_newsgroups.sarka_at_avtenta.si)
Date: 05/17/03
- Next message: grs: "Login stoped working with install of Visual Studio"
- Previous message: CSoloway: "Help...need information"
- In reply to: Amir Eshterayeh: "Re: urgnet need for complete C# code for Password encryption/decryption"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sat, 17 May 2003 16:10:29 +0200
I agree - hashing is becoming nearly a standard.
-- Dejan Sarka, SQL Server MVP FAQ from Neil & others at: http://www.sqlserverfaq.com Please reply only to the newsgroups. PASS - the definitive, global community for SQL Server professionals - http://www.sqlpass.org "Amir Eshterayeh" <aeshterayeh@hotmail.com> wrote in message news:uqSkZxDHDHA.1828@TK2MSFTNGP10.phx.gbl... > Thank you so much. I have found the following information from > > http://www.dotnet247.com/247reference/msgs/1/8366.aspx > > which is said it is better to user hashing instead of encryption for > password coding. > > I will be happy to know your idea cause I need to apply it today :) > > Best Regards > Amir Eshterayeh > ---------------------------------------------------- > > Phillip Pratt [@interact.com] > What you are talking about is hashing, not encrypting. A hash algorithm > is a > one-way function (There's no way to get the original back from the > hash), an > encryption algorithm is a two-way function. Other than that distinction, > though what you are doing is the way to go. A hash is the appropriate > method > for storing passwords because there is never a reason to get back the > original. Also with a hash function, the output size is predetermined > and > independent of the input size (20 Bytes in the case of SHA1). This makes > choosing a datatype in a database pretty easy. And as far as hashing > algorithms go, SHA1 is a good one. > > Here's an example using a text box to get the input value: > > UnicodeEncoding enc = new UnicodeEncoding(); > > byte[] plainbytes = enc.GetBytes(textBox1.Text); > > SHA1 sha = new SHA1CryptoServiceProvider(); > > byte[] result = sha.ComputeHash(plainbytes); > > You may want to then encode the result byte array to some sort of text > encoding (Base64 perhaps?) or just leave it as a byte array for storage. > > Hope this helps. > > "Harris Boyce III" <hboyce@thedotworks.com> wrote in message > news:#bqayu7TBHA.1860@tkmsftngp05... > [Original message clipped] > > *** Sent via Developersdex http://www.developersdex.com *** > Don't just participate in USENET...get rewarded for it!
- Next message: grs: "Login stoped working with install of Visual Studio"
- Previous message: CSoloway: "Help...need information"
- In reply to: Amir Eshterayeh: "Re: urgnet need for complete C# code for Password encryption/decryption"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
